Common Management Agent 3.x / ePolicy Orchestrator Agent 3.x

Posted on November 28, 2008 by visibleprocrastinations

Common Management Agent 3.x / ePolicy Orchestrator Agent 3.x
The McAfee Virtual Technician can detect components of your VirusScan installation that are not being patched via the VirusScan patch cycle. In this case the McAfee Common Management Agent (CMA).

cma-3x

It would appear that Build 3.6.0.453 is installed with VirusScan v8.5i. You can download Patch 3/Hotfix 10 to update to Build 3.6.0.603, but to obtain Patch 4 Build-3.6.0.608 you’ll need your grant number.

  • 3.6.0 Patch 4 Build-3.6.0.608 (Released September 2008) : KB53496
    NOTE: This patch is available from the McAfee downloads page. You will have to login using your grant number. You will see it under the section called “Common Management Agent (CMA) 3.6.0.

  • 3.6.0 Patch 3 w/ HotFix 10 Build-3.6.0.603 (Released April 2008) : Release Notes : KB52556
  • 3.6.0 Build-3.6.0.453 Necessary for use with VSE 8.5i (installed with VSE 8.5i?)

To apply Patch 3/Hotfix 10 you will need to be running an ePO server.

This exploit is only effective in Managed mode installations (CMA deployed and managed by ePO or PrP) because the ports are open. Standalone (unmanaged) installations of CMA are not affected by this vulnerability because the ports are not open. [4]

LINKS:
[1] Version information for Common Management Agent 3.x.x / ePO Agent 3.x.x (2008-SEP-19) [McAfee]
[2] McAfee Common Management Agent 3.6.0 Patch 4 Release Notes (2008-Nov-27) [McAfee]
[3] CMA 3.6 Patch 4 Release Notes (2008-Sep-10) [McAfee]
[4] McAfee Security Bulletin – CMA HTTP Request DoS vulnerability (2008-Oct-14) [McAfee]

This entry was posted in patch, security, virusscan. Bookmark the permalink.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.